IACR News
If you have a news item you wish to distribute, they should be sent to the communications secretary. See also the events database for conference announcements.
Here you can see all recent updates to the IACR webpage. These updates are also available:
21 June 2023
University of Leuven, COSIC Research Group
Specific Skills Required: The candidate should hold a Master's degree in mathematics and/or computer science, preferably with experience in algebraic geometry. Candidates that perform well on international maths/CS olympiades are preferred.
Closing date for applications:
Contact: frederik.vercauteren[at]esat.kuleuven.be
More information: https://www.esat.kuleuven.be/cosic/vacancies/
EURECOM, S3 Group, Sophia Antipolis, France
Closing date for applications:
Contact: Daniele Antonioli
University of Connecticut, CT, USA
The positions provide a great opportunity for students with interest in interdisciplinary projects that combine knowledge from various fields towards the design of secure systems and protocols. We target real-world and timely problems and aim to develop secure and practical solutions backed by rigorous foundations and efficient implementations. We are also interested in conceptual projects that contribute in bridging the gap between theory and practice of Cryptography.
For more information about our current and previous projects please check https://ghadaalmashaqbeh.github.io/research/. For interested students, please send your CV to ghada@uconn.edu and provide any relevant information about your research interests, skills and background.
Closing date for applications:
Contact: Ghada Almashaqbeh
More information: https://ghadaalmashaqbeh.github.io/
The University of Edinburgh
Knowledge, skills and experience:
- Ph.D. (or near completion) in cryptography or related fields
- Track record of strong publications
- Strong experience in provable security, and in the design of cryptographic protocols
- Strong experience in research in one or more of the following areas: secure multi-party computation, zero-knowledge proofs, blockchain, functional encryption, fully-homomorphic encryption, and distributed algorithms.
- Experience in implementing cryptographic algorithms, and writing software for security-related applications
- Ability to communicate complex information clearly, orally, and in writing.
Please apply by July 17th, 2023 using the following link https://elxw.fa.em3.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1001/job/7729.
Closing date for applications:
Contact: Michele Ciampi
More information: https://elxw.fa.em3.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1001/job/7729
20 June 2023
Wilson Nguyen, Dan Boneh, Srinath Setty
Cathy Yuanchen Li, Jana Sotáková, Emily Wenger, Zeyuan Allen-Zhu, Francois Charton, Kristin Lauter
Jens Ernstberger, Jan Lauinger, Fatima Elsheimy, Liyi Zhou, Sebastian Steinhorst, Ran Canetti, Andrew Miller, Arthur Gervais, Dawn Song
Hao Cheng, Daniel Page
Joppe W. Bos, Alexander Dima, Alexander Kiening, Joost Renes
Xiang Xie, Kang Yang, Xiao Wang, Yu Yu
This paper proposes the garble-then-prove technique to achieve the same security requirement without using any heavy mechanism like generic malicious 2PC. Our end-to-end implementation shows 14$\times$ improvement in communication and an order of magnitude improvement in computation over the state-of-the-art protocol; we also show worldwide performance when using our protocol to authenticate payload data from Coinbase and Twitter APIs. Finally, we propose an efficient gadget to privately convert the above authenticated TLS payload to Pedersen commitments so that the properties of the payload can be proven efficiently using zkSNARKs.
Tim Beyne
Mieczysław Kula
Matteo Campanelli, Nicolas Gailly, Rosario Gennaro, Philipp Jovanovic, Mara Mihali, Justin Thaler
Akram Khalesi, Zahra Ahmadian
Mohammad Hajiabadi, Shahram Khazaei, Behzad Vahdani
19 June 2023
Changmin Lee, Seonhong Min, Jinyeong Seo, Yongsoo Song
In this work, we introduce several optimization techniques for the TFHE bootstrapping. We first define a new key distribution, called the block binary distribution, where the secret key can be expressed as a concatenation of several vectors of Hamming weight at most one. We analyze the hardness of (Ring) LWE with a block binary secret and provide candidate parameter sets which are secure against the best-known attacks. Then, we use the block key structure to simplify the inner working of blind rotation and reduce its complexity. We also modify the RLWE key generation and the gadget decomposition method to improve the performance of the key-switching algorithm in terms of complexity and noise growth.
Finally, we use the TFHE library to implement our algorithms and demonstrate their benchmarks. Our experimentation shows that the execution time of TFHE bootstrapping is reduced from 10.5ms down to 6.4ms under the same security level, and the size of the bootstrapping key decreases from 109MB to 60MB.
Dima Grigoriev, Ilia Ilmer, Alexey Ovchinnikov, Vladimir Shpilrain
Aviv Yaish, Kaihua Qin, Liyi Zhou, Aviv Zohar, Arthur Gervais
In this work, we show that adversaries can craft malicious transactions that decouple the work imposed on blockchain actors from the compensation offered in return. We introduce three attacks: (i) ConditionalExhaust, the first conditional Resource Exhaustion Attack (REA) against blockchain actors. (ii) MemPurge, an attack for evicting transactions from victims' mempools. (iii) These attack are augmented by GhostTX, the first attack on the reputation system used in Ethereum's Proposer-Builder Separation ecosystem.
We empirically evaluate the attacks on an Ethereum testnet. The worst-case result we find is that by combining ConditionalExhaust and MemPurge, an adversary can simultaneously burden victims' computational resources and clog their mempools, to the point where victims are unable to include transactions in their blocks. Thus, victims create empty blocks, thereby hurting the system's liveness. The expected cost of a one-shot combined attack is $376, but becomes much cheaper if the adversary is a validator. For other attackers, costs decrease if censorship is prevalent in the network.
ConditionalExhaust and MemPurge are made possible by inherent features of Turing-complete blockchains. Potential mitigations may result in reducing a ledger's scalability, an undesirable outcome likely harming its competitiveness.
Benny Applebaum, Amos Beimel, Yuval Ishai, Eyal Kushilevitz, Tianren Liu, Vinod Vaikuntanathan
The question of minimizing the (largest) share size for a given $f$ has been the subject of a large body of work. However, in most existing constructions for general access structures $f$, the share size is not much smaller than the size of some natural computational representation of $f$, a fact that has often been referred to as the ``representation size barrier'' in secret sharing.
In this work, we initiate a systematic study of succinct computational secret sharing (SCSS), where the secrecy requirement is computational and the goal is to substantially beat the representation size barrier. We obtain the following main results.
(1) SCSS via Projective PRGs. We introduce the notion of a *projective PRG*, a pseudorandom generator for which any subset of the output bits can be revealed while keeping the other output bits hidden, using a *short* projective seed. We construct projective PRGs with different levels of succinctness under a variety of computational assumptions, and apply them towards constructing SCSS for graph access structures, monotone CNF formulas, and (less succinctly) useful subclasses of monotone circuits and branching programs. Most notably, under the sub-exponential RSA assumption, we obtain a SCSS scheme that, given an arbitrary access structure $f$, represented by a truth table of size $N=2^n$, produces shares of size polylog(N)=\poly(n) in time $\tilde O(N)$. For comparison, the share size of the best known information-theoretic schemes is $O(N^{0.58})$.
(2) SCSS via One-way Functions. Under the (minimal) assumption that one-way functions exist, we obtain a near-quadratic separation between the total share size of computational and information-theoretic secret sharing. This is the strongest separation one can hope for, given the state of the art in secret sharing lower bounds. We also construct SCSS schemes from one-way functions for useful classes of access structures, including forbidden graphs and monotone DNF formulas. This leads to constructions of fully-decomposable conditional disclosure of secrets (also known as privacy-free garbled circuits) for general functions, represented by a truth table of size $N=2^n$, with share size polylog(N) and computation time $\tilde O(N)$, assuming sub-exponentially secure one-way functions.